The Endpoint Protection client creates a pop-up warning indicating "Old Virus Definition File"
search cancel

The Endpoint Protection client creates a pop-up warning indicating "Old Virus Definition File"

book

Article ID: 153737

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) clients display warning messages about out-of-date virus definitions. The SEP client is utilizing the latest definitions provided by the Symantec Endpoint Protection Manager (SEPM). The SEPM may or may not have the latest definitions available from the Symantec LiveUpdate servers.

A pop-up warning message titled: "Old Virus Definition File" appears.

The default message displayed is: "Your virus definitions are currently out of date. Contact your system administrator on how to update them."

The SEP client interface displays an error message stating: "Virus and Spyware Protection definitions are out of date".

Cause

This issue occurs when definitions on the client computer are older than the number of days configured in the Virus and Spyware Protection Policy for alerts about outdated definitions.

If the definitions on the SEP client and SEPM server are less than 24 hours old, the Virus and Spyware Protection Policy is likely configured to warn after definitions are one (1) day out of date. This configuration does not follow best practices as new definitions are not made available immediately at midnight.

 

Resolution

This issue can be resolved by ensuring that the virus definition policy used by affected clients provides enough time before warning about outdated definitions. The configured time should be no lower than the amount of time it takes all clients in the environment to receive updated definitions plus one day.

To modify the virus definition policy's notification settings: 

  1. In the SEPM console, in the left pane, click Policies.
  2. In the middle pane, under Policies, click Antivirus and Antispyware Policies.
  3. In the right pane, under Antivirus and Antispyware Policies, right-click the policy used by the affected clients and then choose Edit....
  4. In the Virus and Spyware Policy window, in the left pane under Advanced Options, click Miscellaneous.
  5. In the right pane, on the Miscellaneous tab, under Display a Windows Security Center message when definitions are outdate, set the Warn After option to the appropriate number of days. 
  6. Set the Days before a warning appears in Symantec Endpoint Protection value to the number of days calculated as "safe" for the affected clients.
  7. Click OK to  save the changes to the policy.
     

Note:  When the out-of-date definition condition is triggered, you may see the notification message pop up multiple times on the SEP client. This notification continues to pop up until the definitions are current (as defined by the SEPM policy).

To avoid seeing this message more than once on the client, on the pop-up notification window, click Don't remind me again until after the next update, and then click Close.